NetBSD Problem Report #42380

From www@NetBSD.org  Thu Nov 26 07:07:27 2009
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id A5E1C63B8CD
	for <gnats-bugs@gnats.netbsd.org>; Thu, 26 Nov 2009 07:07:27 +0000 (UTC)
Message-Id: <20091126070727.48D1B63B8B4@www.NetBSD.org>
Date: Thu, 26 Nov 2009 07:07:27 +0000 (UTC)
From: perseant@hhhh.org
Reply-To: perseant@hhhh.org
To: gnats-bugs@NetBSD.org
Subject: nss_ldap + pam_ldap + sshd = hang, *unless* you type the wrong password first
X-Send-Pr-Version: www-1.0

>Number:         42380
>Category:       pkg
>Synopsis:       nss_ldap + pam_ldap + sshd = hang, *unless* you type the wrong password first
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 26 07:10:00 +0000 2009
>Originator:     Konrad Schroder
>Release:        5.0_STABLE
>Organization:
University of Washington
>Environment:
NetBSD gro.hhhh.org 5.0_STABLE NetBSD 5.0_STABLE (XEN3_DOMU) #1: Wed Nov 25 12:51:22 PST 2009  perseant@gro.hhhh.org:/usr/obj/sys/arch/amd64/compile.amd64/XEN3_DOMU amd64

>Description:
I've been debugging a curious problem with an LDAP-enabled system: LDAP users are correctly authenticated by PAM, but after they are authenticated the child process of sshd hangs forever.  This does *not* happen, however, if they first mistype their password.  After typing their password a second time they are logged in without difficulty.
>How-To-Repeat:
Follow the steps outlined on http://wiki.netbsd.se/OpenLDAP_Authentication_on_NetBSD.  Try to log in, as a user defined in LDAP, using ssh.
>Fix:
The only thing I've found that worked, curiously, was to disable pthread_at_fork in the nss_ldap package.  I can't tell you why that would possibly do anything (I ran across it on the web, and tried it only out of desperation) but I can provide a crude patch that fixes the problem neatly on my systems:

Index: patches/patch-ah
===================================================================
RCS file: patches/patch-ah
diff -N patches/patch-ah
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-ah    26 Nov 2009 06:53:26 -0000
@@ -0,0 +1,11 @@
+--- ldap-nss.c.old     2009-11-25 22:47:25.000000000 -0800
++++ ldap-nss.c 2009-11-25 22:48:35.000000000 -0800
+@@ -23,6 +23,8 @@
+ 
+ #include "config.h"
+ 
++#undef HAVE_PTHREAD_ATFORK
++
+ #ifdef HAVE_PORT_BEFORE_H
+ #include <port_before.h>
+ #endif

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.